CLAIMS 



1 . (Original) A method for a security manager device to manage a plurality of 
network security devices with a plurality of supervisor devices, each network security 
device generating network security information related to an associated group of network 
devices, storing the generated network security information on a primary supervisor device 
for the network security device when the primary supervisor device is available to store the 
generated network security information, and storing the generated network security 
information on an alternate supervisor device when the primary supervisor device Is 
unavailable, the method comprising: 

distributing security control information to multiple network security devices, 
the security control information to be used to generate network security information, by 

determining a supervisor device that is the primary supervisor device 
for each of the multiple network security devices; 

sending a single copy of the security control infomiation to the 
determined supervisor device; and 

indicating to the determined supervisor device to send a copy of the 
security control information to each of the multiple network security devices; and 

aggregating the network security information generated by an indicated one 
of the multiple network security devices using the security control information, by 

determining at least one alternate supervisor device that stores at 
least a portion of the network security information generated by the indicated network 
security device; 

notifying the primary supervisor device for the indicated network 
security device of a desire for the generated network security information, the notifying 
including an indication of the detemnined alternate supervisor devices; and 

in response, receiving the generated network security information, 
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so that the manager device can efficiently distribute infonnation to multiple network 
security devices, and can retrieve all of the generated network security information for a 
network security device because alternate supervisor devices will store the information 
when the primary supervisor device for the network security device is unavailable. 

2. (Original) The method of claim 1 including generating network security 
information by, for each network security device: 

monitoring network information passing between any network device in the 
associated group for the network security device and any network device not in the 
associated group; and 

when the monitored network infomiation is of an indicated type, 

detemiining whether the primary supervisor device for the network 
security device is available to receive infonnation; 

when the primary supervisor device is available, sending network 
security information about the monitored network information to the primary supervisor 
device for storage; and 

when the primary supervisor device is not available, sending network 
security information about the monitored network information to an alternate supervisor 
device for storage. 

3. (Original) The method of claim 2 wherein for each network security device, a 
security policy for the network security device specifies the indicated types of monitored 
network information for which to generate network security information and specifies data 
related to the monitored network infomiation to be included in the generated network 
security infomnation. 
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4. (Original) Tlie metlioci of claim 1 wherein the distributed security control 
information is software to be executed by the multiple network security devices to control 
the generation of the network security information. 

5. (Original) The method of claim 1 wherein the distributed security control 
information is a security policy template that defines the network security information to be 
generated, and including: 

after a copy of the security policy template has been sent to each of the 
multiple network security devices, configuring each copy of the security policy template 
with information specific to the network security device to which the security policy 
template was sent. 

6. (Original) The method of claim 1 wherein after the notifying of the primary 
supervisor device, the primary supervisor device sends the generated network security 
information to the manager device by: 

retrieving from each of the detemiined alternate supervisor devices the 
network security information generated by the indicated network security device; 

retrieving any network security information generated by the indicated 
network security device that is stored by the primary supervisor device; and 

sending the retrieved network security information to the manager device. 

7. (Original) The method of claim 1 including after the receiving of the 
generated network security information, aggregating the portions of the generated network 
security information stored by the determined alternate supervisor devices and any portion 
of the generated network security information stored by the primary supervisor device. 

8. (Original) The method of claim 1 wherein information is sent between the 
manager device and the supervisor devices and between the supervisor devices and the 
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network security devices in a secure form so that ottiers do not have access to contents of 
the information. 

9. (Original) The method of claim 1 including displaying to a user the plurality of 
network security devices and the plurality of supervisor devices in such a manner that the 
primary supervisor device for each of the network security devices is visually indicated, 
and wherein the distributing of the security control information to the multiple network 
security devices is in response to selection by the user of the displayed multiple network 
security devices. 

1 0. (Original) The method of claim 1 including displaying to a user the plurality of 
network security devices and the plurality of supervisor devices in such a manner that the 
primary supervisor device for each of the network security devices is visually indicated, 
and wherein the aggregating of the network security information generated by an indicated 
one of the multiple network security devices is in response to a visual indication by the 
user of the one multiple network security device. 

11. -30. (Cancelled) 

31. (Original) A method for distributing security policy implementation 
information to multiple security devices for use in implementing a security policy, the 
method comprising: 

for each of the security devices, determining a supervisor device currently 
associated with the security device; 

distributing the security policy implementation information to each of the 
determined supervisor devices; and 
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indicating to each of the determined supervisor devices to distribute the 
security policy implementation information to the security devices with which the supervisor 
device is associated. 

32. (Original) The method of claim 31 wherein the security policy implementation 
information is software to be executed by the security devices to control the implementing 
of the security policy. 

33. (Original) The method of claim 31 wherein the security policy implementation 
information is a security policy template that indicates the security information to be 
generated. 

34. (Original) The method of claim 33 including: 

after the security policy implementation information has been distributed to 
each of the security devices, configuring the security policy implementation infonnatlon 
distinctly on each security device. 

35. (Original) The method of claim 31 wherein the security policy implementation 
information is an instruction to be executed by the multiple security devices related to the 
implementing of the security policy. 

36. (Original) The method of claim 31 wherein the security policy implementation 
information is information common to the multiple security devices, and wherein for each of 
the multiple security devices the common infonnation is for configuring a security policy 
template for the security device with information specific to the security device. 

37. (Original) The method of claim 31 wherein before the security policy 
implementation information is distributed to each of the multiple security devices, at least 
some of the multiple security devices have existing security policy implementation 
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information of a similar type, and wherein for tliose security devices the security policy 
implementation infomiation to be distributed will replace the existing security policy 
implementation information. 

38. (Original) The method of claim 31 wherein before the security policy 
implementation information is distributed to each of the multiple security devices, at least 
some of the multiple security devices have existing security policy implementation 
information of a similar type, and wherein for those security devices the security policy 
implementation infomnation to be distributed will supplement the existing security policy 
implementation information. 

39. (Original) The method of claim 31 wherein the distributing of the security 
policy implementation information to each of the determined supervisor devices is 
performed in a manner such that the security policy implementation information is not 
accessible to other devices. 

40. (Original) The method of claim 31 including displaying to a user a view of the 
multiple security devices and the supervisor devices currently associated with the security 
devices, and wherein the distributing of the security policy implementation infomiation is in 
response to a visual selection by the user. 

41. -49. (Canceled) 

50. (Original) A method for distributing control information to multiple security 
devices for use in controlling the operation of the multiple security devices, the method 
comprising: 

for each of the security devices, detennining a supervisor device currently 
associated with the security device; 
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distributing tlie control infomiation to eacli of tine determined supervisor 

devices; and 

indicating to each of the determined supervisor devices to distribute the 
control information to the security devices with which the supervisor device is associated. 

51 . (Original) The method of claim 50 wherein after the control information is 
distributed to the security devices, the security devices operate in accordance with the 
control information. 

52. -81. (Cancelled) 

82. (Original) A computer-readable medium whose contents cause a manager 
device to distribute security policy implementation information to multiple security devices 
for use in implementing a security policy, by: 

for each of the security devices, detemiining a supervisor device currently 
associated with the security device; 

distributing the security policy implementation infomiation to each of the 
determined supervisor devices; and 

indicating to each of the determined supervisor devices to distribute the 
security policy implementation information to the security devices with which the supervisor 
device is associated. 

83. (Original) The computer-readable medium of claim 82 wherein the security 
policy implementation information is software to be executed by the security devices to 
control the implementing of the security policy. 

84. (Original) The computer-readable medium of claim 82 wherein the security 
policy implementation information is a security policy template that indicates the security 
information to be generated. 
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85. (Original) The computer-readable medium of claim 84 wherein the contents 
further cause the manager device to, after the security policy implementation information 
has been distributed to each of the security devices, configure the security policy 
implementation Information distinctly on each security device. 

86. (Original) The computer-readable medium of claim 82 wherein the security 
policy implementation information is an instruction to be executed by the multiple security 
devices related to the implementing of the security policy. 

87. (Original) The computer-readable medium of claim 82 wherein the contents 
further cause the manager device to display to a user a view of the multiple security 
devices and the supervisor devices currently associated with the security devices, and 
wherein the distributing of the security policy implementation infomiation is in response to 
a visual selection by the user. 

88. -105. (Cancelled) 
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